Why Won't The X Applications Launch From The WUI?

The Network Security Toolkit web based user interface (WUI) provides many links to launch X based applications. In order to use these links, all of the following conditions must be met:

Note:

By default, Fedora Core distributions which use the gdm desktop manager do not permit TCP connections to the X server. You can used the gdmsetup utility to enable this feature. Alternatively, you can add (or modify) the following line in your /etc/gdm/custom.conf (if you are running a version of Fedora prior to Fedora Core 5, the configuration file is: /etc/X11/gdm/gdm.conf).

[security]

# Adding the following to the [security] section will
# allow TCP connections to the X server

DisallowTCP=false

After updating the gdm configuration, you will need to restart gdm. This can be done using the gdm-restart utility or by killing the gdm process.

[pkb@salsa fc2]$ ps -ef | grep gdm
root      1606     1  0 Nov02 ?        00:00:00 /usr/bin/gdm-binary -nodaemon
root      1804  1606  0 Nov02 ?        00:00:00 /usr/bin/gdm-binary -nodaemon
root      1815  1804  2 Nov02 ?        00:31:22 /usr/local/bin/X :0 -audit 0 -auth /var/gdm/:0.Xauth vt7
pkb       8482  1940  0 06:53 pts/0    00:00:00 grep gdm
[pkb@salsa fc2]$ kill 1606
        

Caution

Make sure you close all of your X applications BEFORE restarting the gdm process as all processes owned by the X server will be killed.

Example: Rendering an X Application on a remote X Server

Lets show a simple example of displaying the xclock application from a Network Security Toolkit probe (192.168.128.3) to a Fedora Core 2 workstation (192.168.128.4).

First lets try to display xclock on the Fedora Core 2 workstation (192.168.128.4).

[root@probe tmp]$ export DISPLAY=192.168.128.4:0.0; xclock &
[root@probe root]# Xlib: connection to "10.222.222.14:6.0" refused by server
Xlib: Client is not authorized to connect to Server
Error: Can't open display: 192.168.128.4:0.0

[1]+  Exit 1                  xclock
        

One can see that the Network Security Toolkit probe is not authorized to connect to the Fedora Core 2 workstation. We need to allow authorization for X services to the Network Security Toolkit probe (192.168.128.3) by using the xhost command. The xhost command is now run on the Fedora Core 2 workstation:

[root@fc2 tmp]$ xhost +192.168.128.3
[root@fc2 tmp]# xhost
access control enabled, only authorized clients can connect
INET:192.168.128.3
        

The xclock application will now be properly rendered on the Fedora Core 2 workstation's X screen 0:0.

[root@probe tmp]$  export DISPLAY=192.168.128.4:0.0; xclock &      
        

Figure 8.1. Rendered XClock on Remote X Server

Rendered XClock on Remote X Server